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LiteBit Bitcoin Exchange Hacked Twice in Two 
Months 


By Catalin Cimpanu 


September 18,2017 02:55 AM 0 



LiteBit.eu — a multi-currency exchange based in the Netherlands — has 
suffered data breaches two months in a row. 


According to emails sent to affected customers after each event, no 
Bitcoin or altcoin funds were stolen in any of these two incidents. 
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The company says the attacker only pilfered user personal information, 
such as emails, hashed passwords, bank account numbers (IBANs), 
telephone numbers, and home addresses. 


While LiteBit was lucky that no currency was stolen, it shows a 
continued lack of security precautions being taken by exchanges who 
keep reporting breaches. Furthermore, the information being stolen is 
obviously of concern to the victims as it could lead to identity theft or to 
other accounts being hacked by the attackers 


August 2017 breach 

The first incident took place on August 5, and the company sent out the 
following email to affected customers after it detected suspicious activity 
on one of its servers and fixed the security hole. 


On August 5, 2017 we observed unusual activities on LiteBit's servers. 
Unfortunately, we have concluded that there has been unlawful access to 
LiteBit data. No LiteBit wallet servers have been broken, all coins of customers 
are safe. Also, there are no verification documents (ID or passport) involved in 
this incident. 

The cause of the leak is known, and the problems have now been solved. It is 
not clear whether data has actually been stolen. In the worst case, an 
unauthorized person has gained access to yours; Email address, encrypted 
password, IBAN, phone number, address and your portfolio data. 

What does this mean to you? For users who have 2-step authentication, it's 
very important that they reset it. We also recommend that you enable this 
additional security measure, for customers who have not already done so. 

In addition, it is important to change your password regularly. 


September 2017 breach 
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The second breach took place last week, on September 12, six weeks after 
the first incident. This time around, the source of the breach was with 
one of LiteBit’s "suppliers." 

Again, the exchange said the hacker made off only with PII and user 
funds remained secure. Authorities have been informed. The content of 
the second email is below. 




Dew 


We regret to inform you that on the 12th of September 2017 a supplier to UteBit 
has become the victim of a cyberattaclt. Sadly, the attack also concerned a 
LiteBit server. We ere currently investigating the scope ol the attack. Sadly we 
have to conclude that an unauthorized person has had access to your; email 
address, hashed password. iBANs, phone number, address and portfolio data. 

There has, however, been no breach on the LiteBit wallet servers. All 
coins belonging to customers are safe. Also, no verification documents 
have been accessed during the incident. 

It is Of high importance thal you resel your 2FA settings, you can read more 
about this boro: LiteBit 2FA 

We understand thal the recent problems at UteBit and our supplier have 
damaged your trust in our organization. We want 10 stow our deepest remorse. 
We have already taken measures and we will keep improving and expanding 
on these measures m the future in hope to regain your trust. We have reported 
this incident to the police and Ihe Dutch Data Protection Authority. 

Please do not hesitate to contact our helpdesk ff you have any more 
questions^ 

Phone: +31 (03 10 307 48 20 
Email: T: - ■ ny 

We are very sorry the inconvenience this may has caused, 

^ Catalin Cimpanu 

@campuscodi 

LiteBit email announcing September 2017 data breach (h/t 
anonymous tipster) 

2:41 PM - Sep 18, 2017 

3 See Catalin Cimpanu's other Tweets 
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We regret to inform you that on the 12th of September 2017 a supplier to 
LiteBit has become the victim of a cyberattack. Sadly, the attack also 
concerned a LiteBit server. We are currently investigating the scope of the 
attack. Sadly we have to conclude that an unauthorized person has had 
access to your; email address, hashed password, IBANs, phone number, 
address and portfolio data. 

There has, however, been no breach of the LiteBit wallet servers. All coins 
belonging to customers are safe. Also, no verification documents have been 
accessed during the incident. 

It is of high importance that you reset your 2FA settings, you can read more 
about this here: LiteBit 2FA. 

We understand that the recent problems at LiteBit and our supplier have 
damaged your trust in oour organization. We want to show our deepest 
remorse. We have already taken measures and we will keep improving and 
expanding on these measures in the future in home to regain trust your trust. 
We have reported this incident to the police and the Dutch Data Protection 
Authority. 
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